188.42.211.42

As of: Dec 07, 2022 2:39am UTC | Latest
{
  "ip": "188.42.211.42",
  "services": [
    {
      "_decoded": "ftp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 ftp-cloudfs 0.37.1 using pyftpdlib 1.5.1 (swiftclient 3.5.0) ready.\r\n",
      "banner_hashes": [
        "sha256:13028aff62c183d08f4c3c699def54a6b3d7710f02cd2a4023ee7355c28a9bd9"
      ],
      "banner_hex": "323230206674702d636c6f7564667320302e33372e31207573696e67207079667470646c696220312e352e3120287377696674636c69656e7420332e352e30292072656164792e0d0a",
      "extended_service_name": "FTP",
      "ftp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "auth_tls_response": "DISPLAY_UTF8",
          "auth_ssl_response": "DISPLAY_UTF8"
        },
        "banner": "220 ftp-cloudfs 0.37.1 using pyftpdlib 1.5.1 (swiftclient 3.5.0) ready.\r\n",
        "auth_tls_response": "500 Command \"AUTH\" not understood.\r\n",
        "auth_ssl_response": "500 Command \"AUTH\" not understood.\r\n",
        "status_code": 220,
        "status_meaning": "Service ready for new user.",
        "implicit_tls": false
      },
      "observed_at": "2022-12-06T14:48:27.055250119Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 21,
      "service_name": "FTP",
      "source_ip": "167.94.146.57",
      "transport_fingerprint": {
        "raw": "65535,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate:  <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: close\r\n",
      "banner_hashes": [
        "sha256:bc5eb8e2d7ebda4ee0d2d61a78be29270c02b7aab85e55addefd368b0a756c56"
      ],
      "banner_hex": "485454502f312e31203430302042616420526571756573740d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203136360d0a436f6e6e656374696f6e3a20636c6f73650d0a",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://188.42.211.42/",
          "headers": {
            "Accept": [
              "*/*"
            ],
            "_encoding": {
              "Accept": "DISPLAY_UTF8",
              "User_Agent": "DISPLAY_UTF8"
            },
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 400,
          "status_reason": "Bad Request",
          "headers": {
            "Server": [
              "nginx"
            ],
            "_encoding": {
              "Server": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8"
            },
            "Connection": [
              "close"
            ],
            "Content_Length": [
              "166"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Content_Type": [
              "text/html"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>400 Bad Request</title>"
          ],
          "body_size": 166,
          "body": "<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
          "body_hashes": [
            "sha256:c477bda8237a5799bf520bc7ca317da8811a903837030748cf7c16c404cc4297",
            "sha1:de8ac03789595e37408bd0b6d7b6e68eafc3f79c"
          ],
          "body_hash": "sha1:de8ac03789595e37408bd0b6d7b6e68eafc3f79c",
          "html_title": "400 Bad Request"
        },
        "supports_http2": false
      },
      "observed_at": "2022-12-07T02:38:28.713616627Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 80,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "162.142.125.210",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate:  <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: close\r\n",
      "banner_hashes": [
        "sha256:bc5eb8e2d7ebda4ee0d2d61a78be29270c02b7aab85e55addefd368b0a756c56"
      ],
      "banner_hex": "485454502f312e31203430302042616420526571756573740d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203136360d0a436f6e6e656374696f6e3a20636c6f73650d0a",
      "certificate": "3c4d213c15798c215f003b63a85c66dcd86095bbfa125457fc3550aeb04e52d5",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://188.42.211.42/",
          "headers": {
            "Accept": [
              "*/*"
            ],
            "_encoding": {
              "Accept": "DISPLAY_UTF8",
              "User_Agent": "DISPLAY_UTF8"
            },
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 400,
          "status_reason": "Bad Request",
          "headers": {
            "Content_Length": [
              "166"
            ],
            "_encoding": {
              "Content_Length": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8"
            },
            "Server": [
              "nginx"
            ],
            "Content_Type": [
              "text/html"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Connection": [
              "close"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>400 Bad Request</title>"
          ],
          "body_size": 166,
          "body": "<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
          "body_hashes": [
            "sha256:c477bda8237a5799bf520bc7ca317da8811a903837030748cf7c16c404cc4297",
            "sha1:de8ac03789595e37408bd0b6d7b6e68eafc3f79c"
          ],
          "body_hash": "sha1:de8ac03789595e37408bd0b6d7b6e68eafc3f79c",
          "html_title": "400 Bad Request"
        },
        "supports_http2": false
      },
      "observed_at": "2022-12-06T10:13:13.755155680Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 443,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.248.133.117",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "3c4d213c15798c215f003b63a85c66dcd86095bbfa125457fc3550aeb04e52d5",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "*.files.mow1.cloud.servers.ru",
              "*.mow1.objectile.ru"
            ],
            "subject_dn": "CN=*.files.mow1.cloud.servers.ru",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "321ab9c6b7bcb63f1a4ac926087f0a3e537e70bd525a0fba760979dc944d707d",
            "fingerprint": "3c4d213c15798c215f003b63a85c66dcd86095bbfa125457fc3550aeb04e52d5",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "*.files.mow1.cloud.servers.ru"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "vtqjTHlx3m9+u8h+fUJqW3EVrhk+QRsWzwiiFp9dBg654LSdS8/KDKyUf7K8R2g8e8dInyZ1bgZiBk6bJPY9qYC22GLACK1vXdyXRLmPjvdM45x9rqR2tUEXVnFRDL0uHQfroI+mOyOtbfNelNXHLOsc2yj+dt92p1+/Aie3PsEQTeDvQ08kieKXf0s/xyeArb82u/PAjlugnQAjRxx4g+PyxzILbYMNQUeCHB7ORcNcpGKS2aeFc4ZilFTnFrvtim2NaLXYcKLhJCtP2ON7s9eK7KaIilWEsrz+7SsZ97S+RtNGF00lVITSK9V1Lg33f9zimBIBFwGiMPrXdAiYBQ==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1bea4c710acc4de672eb771d449bf9e5c2f126983c187e04f43e4df51769a78c"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 29
          }
        },
        "session_ticket": {
          "length": 176,
          "lifetime_hint": 300
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "e35df3e00ca4ef31d42b34bebaa2f86e"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 400 Bad Request\r\ndate:  <REDACTED>\r\ncontent-type: text/html\r\ncontent-length: 166\r\n",
      "banner_hashes": [
        "sha256:c2974acafd7d842706c898ae46525013e6fcc83331a1709fce8fc1fc103d2cb7"
      ],
      "banner_hex": "485454502f312e31203430302042616420526571756573740d0a646174653a20203c52454441435445443e0d0a636f6e74656e742d747970653a20746578742f68746d6c0d0a636f6e74656e742d6c656e6774683a203136360d0a",
      "certificate": "3c4d213c15798c215f003b63a85c66dcd86095bbfa125457fc3550aeb04e52d5",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://188.42.211.42:8080/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 400,
          "status_reason": "Bad Request",
          "headers": {
            "Content_Length": [
              "166"
            ],
            "_encoding": {
              "Content_Length": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8"
            },
            "Content_Type": [
              "text/html"
            ],
            "Date": [
              "<REDACTED>"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>400 Bad Request</title>"
          ],
          "body_size": 166,
          "body": "<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
          "body_hashes": [
            "sha256:c477bda8237a5799bf520bc7ca317da8811a903837030748cf7c16c404cc4297",
            "sha1:de8ac03789595e37408bd0b6d7b6e68eafc3f79c"
          ],
          "body_hash": "sha1:de8ac03789595e37408bd0b6d7b6e68eafc3f79c",
          "html_title": "400 Bad Request"
        },
        "supports_http2": true
      },
      "observed_at": "2022-12-06T10:22:25.790850534Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 8080,
      "service_name": "HTTP",
      "source_ip": "167.248.133.45",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "3c4d213c15798c215f003b63a85c66dcd86095bbfa125457fc3550aeb04e52d5",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "*.files.mow1.cloud.servers.ru",
              "*.mow1.objectile.ru"
            ],
            "subject_dn": "CN=*.files.mow1.cloud.servers.ru",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "321ab9c6b7bcb63f1a4ac926087f0a3e537e70bd525a0fba760979dc944d707d",
            "fingerprint": "3c4d213c15798c215f003b63a85c66dcd86095bbfa125457fc3550aeb04e52d5",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "*.files.mow1.cloud.servers.ru"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "vtqjTHlx3m9+u8h+fUJqW3EVrhk+QRsWzwiiFp9dBg654LSdS8/KDKyUf7K8R2g8e8dInyZ1bgZiBk6bJPY9qYC22GLACK1vXdyXRLmPjvdM45x9rqR2tUEXVnFRDL0uHQfroI+mOyOtbfNelNXHLOsc2yj+dt92p1+/Aie3PsEQTeDvQ08kieKXf0s/xyeArb82u/PAjlugnQAjRxx4g+PyxzILbYMNQUeCHB7ORcNcpGKS2aeFc4ZilFTnFrvtim2NaLXYcKLhJCtP2ON7s9eK7KaIilWEsrz+7SsZ97S+RtNGF00lVITSK9V1Lg33f9zimBIBFwGiMPrXdAiYBQ==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1bea4c710acc4de672eb771d449bf9e5c2f126983c187e04f43e4df51769a78c"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Europe",
    "country": "Luxembourg",
    "country_code": "LU",
    "postal_code": "",
    "timezone": "Europe/Luxembourg",
    "coordinates": {
      "latitude": 49.7498,
      "longitude": 6.1661
    },
    "registered_country": "Luxembourg",
    "registered_country_code": "LU"
  },
  "location_updated_at": "2022-12-04T20:18:49.164529Z",
  "autonomous_system": {
    "asn": 39134,
    "description": "UNITEDNET",
    "bgp_prefix": "188.42.211.0/24",
    "name": "UNITEDNET",
    "country_code": "RU"
  },
  "autonomous_system_updated_at": "2022-11-30T04:44:35.742756Z",
  "dns": {
    "names": [
      "secure.localkitchen.ru",
      "c36853.mo01.servers.im",
      "st1.goodsite-rus.site",
      "c27487.mow1.objectile.ru",
      "c36853.mow1.objectile.ru",
      "storage.files.mo01.cloud.servers.com",
      "storage.goodsite-ru.com",
      "app.stasis.black",
      "c23938.mow1.objectile.ru",
      "c22996.mow1.objectile.ru",
      "c27487.mo01.servers.im",
      "c23395.mo01.servers.im",
      "static.localkitchen.ru",
      "storage.files.mow1.cloud.servers.ru",
      "app.click.black",
      "c27004.mow1.objectile.ru",
      "static.lokobasket.com",
      "cloud.bart.id",
      "cases1.flexiligner.ru",
      "c27004.mo01.servers.im"
    ],
    "records": {
      "c36853.mo01.servers.im": {
        "record_type": "CNAME",
        "resolved_at": "2022-09-24T16:10:59.012203901Z"
      },
      "c23395.mo01.servers.im": {
        "record_type": "CNAME",
        "resolved_at": "2022-09-30T15:01:00.503001635Z"
      },
      "c27487.mow1.objectile.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-25T17:12:19.499979654Z"
      },
      "storage.files.mow1.cloud.servers.ru": {
        "record_type": "A",
        "resolved_at": "2022-11-20T16:55:12.459313670Z"
      },
      "static.localkitchen.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-12-01T08:41:31.843388718Z"
      },
      "cases1.flexiligner.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-09-30T17:27:40.544936804Z"
      },
      "app.click.black": {
        "record_type": "CNAME",
        "resolved_at": "2022-12-02T12:18:11.488311005Z"
      },
      "storage.goodsite-ru.com": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-16T13:24:01.213405342Z"
      },
      "c27004.mow1.objectile.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-06T17:04:30.877465626Z"
      },
      "st1.goodsite-rus.site": {
        "record_type": "CNAME",
        "resolved_at": "2022-12-06T17:58:20.544622946Z"
      },
      "static.lokobasket.com": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-13T13:25:55.980451076Z"
      },
      "storage.files.mo01.cloud.servers.com": {
        "record_type": "A",
        "resolved_at": "2022-09-29T14:13:26.502141678Z"
      },
      "c23938.mow1.objectile.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-28T17:05:49.171684194Z"
      },
      "c22996.mow1.objectile.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-09T16:29:56.633500231Z"
      },
      "cloud.bart.id": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-24T14:49:40.976309570Z"
      },
      "c27004.mo01.servers.im": {
        "record_type": "CNAME",
        "resolved_at": "2022-09-30T15:01:01.279215670Z"
      },
      "app.stasis.black": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-16T12:15:35.038515737Z"
      },
      "c27487.mo01.servers.im": {
        "record_type": "CNAME",
        "resolved_at": "2022-09-19T20:17:18.158061024Z"
      },
      "c36853.mow1.objectile.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-30T16:56:49.990832174Z"
      },
      "secure.localkitchen.ru": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-28T17:06:00.616044547Z"
      }
    }
  },
  "last_updated_at": "2022-12-07T02:39:05.293Z"
}